diff options
| -rw-r--r-- | krebs/3modules/lass/default.nix | 9 | ||||
| -rw-r--r-- | lass/1systems/dishfire/config.nix | 53 | ||||
| -rw-r--r-- | lass/1systems/dishfire/physical.nix | 44 | ||||
| -rw-r--r-- | lass/1systems/dishfire/source.nix | 3 |
4 files changed, 19 insertions, 90 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 49ba09ecc..1f118b8b0 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -23,7 +23,10 @@ in { cores = 4; nets = rec { internet = { - ip4.addr = "144.76.172.188"; + ip4 = rec { + addr = "157.90.232.92"; + prefix = "${addr}/32"; + }; aliases = [ "dishfire.i" ]; @@ -32,7 +35,7 @@ in { retiolum = { via = internet; ip4.addr = "10.243.133.99"; - ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233"; + ip6.addr = r6 "d15f:1233"; aliases = [ "dishfire.r" ]; @@ -46,7 +49,7 @@ in { HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB -----END RSA PUBLIC KEY----- ''; - tinc.port = 993; + tinc.port = 655; }; }; ssh.privkey.path = <secrets/ssh.id_ed25519>; diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 3d5f32180..b814d7188 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix @@ -4,59 +4,6 @@ imports = [ <stockholm/lass> <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/git.nix> - { - networking.dhcpcd.allowInterfaces = [ - "enp*" - "eth*" - "ens*" - ]; - } - { - sound.enable = false; - } - { - environment.systemPackages = with pkgs; [ - mk_sql_pair - ]; - } - { - imports = [ - <stockholm/lass/2configs/websites/fritz.nix> - ]; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport http"; target = "ACCEPT"; } - { predicate = "-p tcp --dport https"; target = "ACCEPT"; } - ]; - } - { - #TODO: abstract & move to own file - krebs.exim-smarthost = { - enable = true; - relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [ - config.krebs.hosts.mors - config.krebs.hosts.uriel - ]; - system-aliases = [ - { from = "mailer-daemon"; to = "postmaster"; } - { from = "postmaster"; to = "root"; } - { from = "nobody"; to = "root"; } - { from = "hostmaster"; to = "root"; } - { from = "usenet"; to = "root"; } - { from = "news"; to = "root"; } - { from = "webmaster"; to = "root"; } - { from = "www"; to = "root"; } - { from = "ftp"; to = "root"; } - { from = "abuse"; to = "root"; } - { from = "noc"; to = "root"; } - { from = "security"; to = "root"; } - { from = "root"; to = "lass"; } - ]; - }; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } - ]; - } ]; krebs.build.host = config.krebs.hosts.dishfire; diff --git a/lass/1systems/dishfire/physical.nix b/lass/1systems/dishfire/physical.nix index 64e3904e0..ca013132f 100644 --- a/lass/1systems/dishfire/physical.nix +++ b/lass/1systems/dishfire/physical.nix @@ -1,39 +1,21 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, modulesPath, ... }: + { imports = [ ./config.nix - <nixpkgs/nixos/modules/profiles/qemu-guest.nix> - ]; - - boot.loader.grub = { - device = "/dev/vda"; - splashImage = null; - }; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "ehci_pci" - "uhci_hcd" - "virtio_pci" - "virtio_blk" + (modulesPath + "/profiles/qemu-guest.nix") ]; - fileSystems."/" = { - device = "/dev/mapper/pool-nix"; - fsType = "ext4"; - }; + boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.loader.grub.devices = [ "/dev/sda" ]; - fileSystems."/srv/http" = { - device = "/dev/pool/srv_http"; - fsType = "ext4"; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/84053adc-49bc-4e02-8a19-3838bf3a43fd"; + fsType = "ext4"; + }; - fileSystems."/boot" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - fileSystems."/bku" = { - device = "/dev/pool/bku"; - fsType = "ext4"; - }; + swapDevices = [ ]; } diff --git a/lass/1systems/dishfire/source.nix b/lass/1systems/dishfire/source.nix deleted file mode 100644 index 2445af130..000000000 --- a/lass/1systems/dishfire/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import <stockholm/lass/source.nix> { - name = "dishfire"; -} |